Hi There!
Letting SSH out into the wilds is a HUGE security risk!
Either match it onto a fixed ip endpoint, or implement
az easy SSH based VPN like OpenVPN, and
connect through VPN and then SSH through it.
Laszlo Balogh
Terry Gilsenan írta:
From: Phill Edwards [[email protected]]
Sent: Tuesday, 10 November 2009 12:25 PM
To: Shorewall Users
Subject: Re: [Shorewall-users] counter SSH brute force attacks
I haven't counted them here but I suspect that your result is about
average. Together with using 'Limit', I disable password authentication
in all of my SSH servers and then don't worry about it. They can try
until hell freezes over and they still won't get in.
Sorry, but this comment was lost on me! How does disabling password
authentication make you more secure? Are you only allowing access with
private keys or something?
Yep, No opportunity for brute-force dictionary attach, the server is not
interested/listening for a username/password combination, it does the DH bit
and then exchanges certificates, and if there is a match, you are connected.
port knocking, obscure port, and certificates will make it about as good as it
can get.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
NOTE: URL removed for security purposes - contact [email protected]
for support.
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
